$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/Ty0EtMZUQ-72pDtxY-MOyulFKZ4.roa File: Ty0EtMZUQ-72pDtxY-MOyulFKZ4.roa (raw, json) Hash identifier: 74n9zPeHGLZncApDqlElfPc1B6EQ+nAnWlNwZbGnGGw= Subject key identifier: 4F:2D:04:B4:C6:54:43:EE:F6:A4:3B:71:63:E3:0E:CA:E9:45:29:9E Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: 0216 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Ty0EtMZUQ-72pDtxY-MOyulFKZ4.roa Signing time: Sun 06 Jul 2025 12:19:20 +0000 ROA not before: Sun 06 Jul 2025 12:19:20 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 8796 IP address blocks: 103.216.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 13:39:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 534 (0x216) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: Jul 6 12:19:20 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=4F2D04B4C65443EEF6A43B7163E30ECAE945299E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:57:c0:1b:93:4e:46:88:d5:1a:96:68:14:17: 44:c1:37:25:14:60:e4:5a:d2:d3:ac:d8:71:0c:68: 8d:3d:41:ac:c6:44:85:0b:76:ca:85:62:0d:12:11: 59:fd:5d:4b:6c:32:53:c3:ff:0d:cb:6e:43:62:6c: 8b:7e:22:ce:cf:b5:0c:f2:b4:f0:61:ed:81:8d:ee: 16:ea:23:65:41:c5:a4:10:df:ee:59:8d:ec:e0:23: d4:f2:49:e3:6f:e9:57:b7:a2:11:f3:45:d1:b5:07: 82:9e:cc:22:96:58:7e:10:83:50:60:4c:1f:60:35: 4c:a5:aa:8e:a7:9b:3e:b4:81:50:33:98:9c:95:1e: 6e:14:29:00:83:f8:9f:24:e4:44:83:82:66:af:75: e0:bf:39:2e:7e:f3:30:1e:8d:e6:05:87:7f:5e:2d: f9:a3:6b:d7:bb:70:28:4b:13:60:62:c8:ae:37:7b: 2e:58:05:ae:a7:e4:7e:ed:27:1a:69:f5:45:0a:0e: eb:b7:e2:76:ad:77:a1:c2:6f:08:cf:b8:50:c7:21: c2:a0:cf:cf:92:55:4e:16:62:e6:7f:37:fd:59:7d: ab:e2:55:fb:b1:f8:56:f0:92:e5:a1:47:40:c9:9f: a9:b1:2d:58:97:8a:98:2b:9e:be:9d:fc:a5:a0:3c: 9f:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:2D:04:B4:C6:54:43:EE:F6:A4:3B:71:63:E3:0E:CA:E9:45:29:9E X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Ty0EtMZUQ-72pDtxY-MOyulFKZ4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.216.228.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:14:2a:b1:9c:8c:8b:76:a4:4b:9d:13:5b:8b:26:d5:04:64: e1:8c:c7:b0:77:26:09:90:04:4f:55:8a:ed:03:9f:f6:1e:e6: 47:43:e1:54:1e:2d:04:ed:03:5e:be:55:84:55:f9:75:e8:21: 49:4f:bf:69:d2:fe:8c:19:54:4f:c8:dd:16:20:e0:8d:10:0f: b8:37:e5:f7:0c:2d:36:91:70:a1:d5:19:b8:78:1c:aa:94:32: 25:7b:47:b2:c3:f3:d9:23:bb:26:4f:7d:08:fd:7f:40:60:ae: dd:e3:bd:17:f6:8a:90:84:c3:05:b8:09:96:7b:bf:cf:ee:20: ce:bf:53:f8:34:1d:6f:b4:15:d4:bd:b2:56:8b:08:9e:43:96: 04:96:39:d3:c3:30:49:06:f6:ab:75:0a:36:f7:91:a5:3e:97: e4:e4:1c:9c:55:3d:77:18:60:d1:db:18:90:9f:db:38:95:c7: 9b:2c:54:1f:fb:b8:b5:1b:25:64:37:df:cc:0b:36:09:22:c3: ce:d2:58:b2:dc:f5:3e:7b:03:0f:95:10:7c:6f:51:3d:a8:ba: a1:ec:05:6f:41:05:4f:55:ae:a7:ee:1f:c1:4e:f9:bf:dc:6a: da:1c:1c:49:b9:e2:18:bc:4b:20:0c:79:84:7c:9e:56:65:d1: 0e:8e:6f:13 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA3MDYx MjE5MjBaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKDRGMkQwNEI0QzY1NDQz RUVGNkE0M0I3MTYzRTMwRUNBRTk0NTI5OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmV8Abk05GiNUalmgUF0TBNyUUYORa0tOs2HEMaI09QazGRIUL dsqFYg0SEVn9XUtsMlPD/w3LbkNibIt+Is7PtQzytPBh7YGN7hbqI2VBxaQQ3+5Z jezgI9TySeNv6Ve3ohHzRdG1B4KezCKWWH4Qg1BgTB9gNUylqo6nmz60gVAzmJyV Hm4UKQCD+J8k5ESDgmavdeC/OS5+8zAejeYFh39eLfmja9e7cChLE2BiyK43ey5Y Ba6n5H7tJxpp9UUKDuu34natd6HCbwjPuFDHIcKgz8+SVU4WYuZ/N/1ZfaviVfux +FbwkuWhR0DJn6mxLViXipgrnr6d/KWgPJ8BAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTy0EtMZUQ+72pDtxY+MOyulFKZ4wHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvVHkwRXRNWlVRLTcy cER0eFktTU95dWxGS1o0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfY5DANBgkqhkiG9w0BAQsFAAOCAQEAexQqsZyMi3akS50TW4sm1QRk4YzH sHcmCZAET1WK7QOf9h7mR0PhVB4tBO0DXr5VhFX5deghSU+/adL+jBlUT8jdFiDg jRAPuDfl9wwtNpFwodUZuHgcqpQyJXtHssPz2SO7Jk99CP1/QGCu3eO9F/aKkITD BbgJlnu/z+4gzr9T+DQdb7QV1L2yVosInkOWBJY508MwSQb2q3UKNveRpT6X5OQc nFU9dxhg0dsYkJ/bOJXHmyxUH/u4tRslZDffzAs2CSLDztJYstz1PnsDD5UQfG9R Pai6oewFb0EFT1Wup+4fwU75v9xq2hwcSbniGLxLIAx5hHyeVmXRDo5vEw== -----END CERTIFICATE-----Generated at Sun Jul 20 12:47:47 2025 by rpki-client